package com.qf.myrealm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import java.util.Arrays;

/**
 * 2019/11/25
 * Administrator
 * shiroDemo1125
 * 面向对象面向君  不负代码不负卿
 */
//认证realm
public class RealmC extends AuthorizingRealm {
    //处理授权操作
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //根据用户信息查询该用户所对应的权限列表
      String username=(String)  principalCollection.getPrimaryPrincipal();//得到用户信息SimpleAuthenticationInfo构造中的第一个参数
        //将该用户正确的权限列表添加到返回值对象中，再添加权限
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.addRole("role1");
        authorizationInfo.addStringPermissions(Arrays.asList("user:create","user:update"));

        return authorizationInfo;
    }
    //处理认证代码
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //1.先得到用户提交的token中的用户名和密码
        String username =(String) token.getPrincipal();//得到用户名
       //2.根据用户名查询出用户信息,得到正确的密码
        String truepassword="876d21fb08f5bf82f1167fbfa357c02e";
        String salt="agte";
        //SimpleAuthenticationInfo(用户名,密码,盐值,自定义名称)
        return new SimpleAuthenticationInfo(username,truepassword, ByteSource.Util.bytes(salt),"myrealmb");
    }
}
